{
  "name": "lumos",
  "title": "Lumos",
  "version": "1.7.0",
  "release": "ga",
  "description": "An integration with Lumos to ship your Activity logs to your Elastic instance.",
  "type": "integration",
  "download": "/epr/lumos/lumos-1.7.0.zip",
  "path": "/package/lumos/1.7.0",
  "icons": [
    {
      "src": "/img/lumos-logo.svg",
      "path": "/package/lumos/1.7.0/img/lumos-logo.svg",
      "title": "Lumos logo",
      "size": "32x32",
      "type": "image/svg+xml"
    }
  ],
  "conditions": {
    "kibana": {
      "version": "^8.19.4 || ~9.0.7 || ^9.1.4"
    },
    "elastic": {
      "subscription": "basic"
    }
  },
  "owner": {
    "type": "partner",
    "github": "elastic/security-service-integrations"
  },
  "categories": [
    "security"
  ],
  "signature_path": "/epr/lumos/lumos-1.7.0.zip.sig",
  "format_version": "3.3.2",
  "readme": "/package/lumos/1.7.0/docs/README.md",
  "license": "basic",
  "screenshots": [
    {
      "src": "/img/lumos-screenshot.png",
      "path": "/package/lumos/1.7.0/img/lumos-screenshot.png",
      "title": "Lumos screenshot",
      "size": "600x600",
      "type": "image/png"
    },
    {
      "src": "/img/activity-log-screenshot.png",
      "path": "/package/lumos/1.7.0/img/activity-log-screenshot.png",
      "title": "Activity Log screenshot",
      "size": "1496x433",
      "type": "image/png"
    }
  ],
  "assets": [
    "/package/lumos/1.7.0/LICENSE.txt",
    "/package/lumos/1.7.0/changelog.yml",
    "/package/lumos/1.7.0/manifest.yml",
    "/package/lumos/1.7.0/docs/README.md",
    "/package/lumos/1.7.0/img/activity-log-screenshot.png",
    "/package/lumos/1.7.0/img/lumos-logo.svg",
    "/package/lumos/1.7.0/img/lumos-screenshot.png",
    "/package/lumos/1.7.0/data_stream/activity_logs/manifest.yml",
    "/package/lumos/1.7.0/data_stream/activity_logs/sample_event.json",
    "/package/lumos/1.7.0/data_stream/activity_logs/fields/base-fields.yml",
    "/package/lumos/1.7.0/data_stream/activity_logs/fields/fields.yml",
    "/package/lumos/1.7.0/data_stream/activity_logs/agent/stream/httpjson.yml.hbs",
    "/package/lumos/1.7.0/data_stream/activity_logs/elasticsearch/ingest_pipeline/default.yml"
  ],
  "policy_templates": [
    {
      "name": "lumos",
      "title": "Lumos Activity Logs",
      "description": "Collect Activity Logs from Lumos",
      "inputs": [
        {
          "type": "httpjson",
          "vars": [
            {
              "name": "api_url",
              "type": "text",
              "title": "API URL.",
              "description": "The root URL for the API endpoints",
              "multi": false,
              "required": true,
              "show_user": false,
              "default": "https://api.lumos.com"
            },
            {
              "name": "http_client_timeout",
              "type": "text",
              "title": "HTTP Client Timeout",
              "description": "Duration before declaring that the HTTP client connection has timed out. Valid time units are ns, us, ms, s, m, h.",
              "multi": false,
              "required": false,
              "show_user": true,
              "default": "60s"
            }
          ],
          "title": "Collect Activity Logs via API",
          "description": "Collecting Activity Logs from Slack via API"
        }
      ],
      "multiple": true,
      "deployment_modes": {
        "default": {
          "enabled": true
        },
        "agentless": {
          "enabled": true
        }
      }
    }
  ],
  "data_streams": [
    {
      "type": "logs",
      "dataset": "lumos.activity_logs",
      "title": "Lumos Activity Logs",
      "release": "ga",
      "ingest_pipeline": "default",
      "streams": [
        {
          "input": "httpjson",
          "vars": [
            {
              "name": "api_token",
              "type": "password",
              "title": "API Token",
              "description": "The API Token used to authenticate with the Lumos API",
              "multi": false,
              "required": true,
              "show_user": true
            },
            {
              "name": "interval",
              "type": "text",
              "title": "Interval",
              "description": "Interval at which the logs will be pulled. The value must be between 2m and 1h. Supported units for this parameter are h/m/s.",
              "multi": false,
              "required": true,
              "show_user": true,
              "default": "1h"
            },
            {
              "name": "initial_interval",
              "type": "text",
              "title": "Initial Interval",
              "description": "Initial interval at which the logs will be pulled. Defaults to 24 hours. Supported units for this parameter are h/m/s.",
              "multi": false,
              "required": true,
              "show_user": false,
              "default": "24h"
            },
            {
              "name": "processors",
              "type": "yaml",
              "title": "Processors",
              "description": "Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. \nThis executes in the agent before the logs are parsed. \nSee [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.\n",
              "multi": false,
              "required": false,
              "show_user": false
            }
          ],
          "template_path": "httpjson.yml.hbs",
          "title": "Lumos Activity Logs",
          "description": "Collect Lumos Activity Logs via the API",
          "enabled": true,
          "ingestion_method": "API"
        }
      ],
      "package": "lumos",
      "path": "activity_logs"
    }
  ]
}